Enumerate all sub-domains of a given domain and check the validity of their certificate

Huuancao / sentinel

A monitoring tool platform for instance to retrieve all certificates of all sub-domains from a given domain by scanning a sub-network and check their validity.

GNU General Public License v3.0

1 stars 0 forks source link

Enumerate all sub-domains of a given domain and check the validity of their certificate #3

Open Huuancao opened 4 years ago

Huuancao commented 4 years ago

First idea of the tool:

Enumerate all sub-domains of a given domain
check the validity of their certificate

For (1), brute-force is definitely out of question, their are a few third-party tools out there. A few ideas here: https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6

Huuancao commented 4 years ago

https://github.com/OWASP/Amass